Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation.ID: oval:org.secpod.oval:def:73206 | Date: (C)2021-06-08 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
Certificates may be revoked due to improper issuance, compromise of the certificate, and failure to adhere to policy. Therefore, any certificate found revoked on a CRL or via Online Certificate Status Protocol (OCSP) should not be trusted. Permitting execution of an applet published with a revoked certificate may result in spoofing, malware, system modification, invasion of privacy, and denial of service.
Ensuring users cannot change these settings assures a more consistent security profile.
Platform: |
Microsoft Windows Server 2016 |
Microsoft Windows 7 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2019 |